The top level of the LDAP directory tree is the base, referred to as the
"base DN". A base DN usually takes one of the three forms listed here.
The examples below assume we are working with iDevelopment,
which is on the Internet as iDevelopment.info.

o="idevelopment",c=US(base DN in X.500 format)

In this example, o=idevelopment. refers to the organization, which in this context
should be treated as synonymous with the company name. c=US indicates that the company headquarters
is in the US. Once upon a time, this was the preferred method of specifying your base DN. Times and
fashions change, though; these days, most companies are (or plan to be) on the Internet. And what with
Internet globalization, using a country code in the base DN probably made things more confusing in
the end. In time, the X.500 format evolved into the other formats listed below.

This format is fairly straightforward, using the company's Internet domain name as the
base. Once you get past the o= portion (which stands for organization), everyone at your company
should know where the rest came from. This was, until recently, probably the most common of the
currently used formats.

As with the previous format, this uses the DNS domain name as its basis. But where the other
format leaves the domain name intact (and thus human-readable), this format is split into domain
components: idevelopment.info becomes dc=idevelopment,dc=info. In theory, this could be slightly
more versatile, though it's a little harder for end users to remember. By way of illustration, consider
idevelopment.info. When idevelopment.info merges with acme.com, you simply start
thinking of "dc=com" as the base DN. Place the new records into your existing directory
under dc=acme, dc=com, and you're ready to go. (Of course, this approach doesn't help if
idevelopment.info merges with csustan.edu.) This is the format I'd recommend for any new
installations. Oh, and if you're planning to use Active Directory, Microsoft has already decided
for you that this is the format you wanted.

About the Author

Jeffrey Hunter is an Oracle Certified Professional, Java Development Certified Professional, Author,
and an Oracle ACE.
Jeff currently works as a Senior Database Administrator for
The DBA Zone, Inc. located in Pittsburgh, Pennsylvania.
His work includes advanced performance tuning, Java and PL/SQL programming, developing
high availability solutions, capacity
planning, database security, and physical / logical database design in a UNIX /
Linux server environment. Jeff's other interests include mathematical
encryption theory, tutoring advanced mathematics, programming language processors (compilers and interpreters)
in Java and C, LDAP, writing web-based database administration tools, and of
course Linux. He has been a Sr. Database Administrator and Software Engineer
for over 20 years and maintains his own website site at:
http://www.iDevelopment.info.
Jeff graduated from Stanislaus State University in Turlock,
California, with a Bachelor's degree in Computer Science and Mathematics.

Copyright (c) 1998-2015 Jeffrey M. Hunter. All rights reserved.

All articles, scripts and material located at the Internet address of http://www.idevelopment.info is the copyright of Jeffrey M. Hunter
and is protected under copyright laws of the United States. This document may not be hosted on any other site without my express,
prior, written permission. Application to host any of the material elsewhere can be made by contacting me at jhunter@idevelopment.info.

I have made every effort and taken great care in making sure that the material included on my web site is technically accurate,
but I disclaim any and all responsibility for any loss, damage or destruction of data or any other property which may arise from
relying on it. I will in no case be liable for any monetary damages arising from such loss, damage or destruction.